Grading our identity predictions from 2006

At the beginning of 2006, we posted a list of predictions over on Digital ID World for the upcoming year in identity. In keeping with our historical tradition, I'd like to grade our past performance prior to looking toward the future.

At the beginning of 2006, we posted a list of predictions over on Digital ID World for the upcoming year in identity. In keeping with our historical tradition, I'd like to grade our past performance prior to looking toward the future.

Accordingly, I'll grade our predictions on a scale of 1-5 (where 1 is worst and 5 is best), with a possible perfect score of 50. Below are our original predictions, followed by their grade and reasons for the grade.

The Digital ID World Predictions for 2006

1. The Acquisition Cycle Continues.

Yes, we know that 2005 felt like a big acquisition year for identity -- but, trust us, we're just getting started. 2006 will see acquisitions continue.

Grade: 5.

Reasoning: Companies acquired in the identity space in 2006 include TrustCenter (acquired by GeoTrust), Visage (merged with Identix), GeoTrust (acquired by Verisign), Business Signatures (acquired by Entrust), Passmark (acquired by RSA), Virsa (acquired by SAP), and RSA Security (the big one - acquired by EMC). There's no doubt that 2006 saw the identity acquisitions continue in force.

2. The Funding Continues as well.

VC funding in this sector won't stop. In fact, we believe that VCs will get more and more aggressive, as startups will increasingly "pitch" themselves as identity companies and new products will increasingly be seen as identity products.

As we've been highlighting on the blog, companies are now beginning to change their positioning so that they're "identity companies" -- and really they are. In fact, the identity universe is (in spite of all of the acquisitions) expanding. In 2006, companies will start rushing to associate themselves with identity.

Grade: 5.

Reasoning: All one need do is read our coverage of how the NAC space is adopting identity, but beyond that companies in areas like mashups, SOA, geo-location and enterprise rights management continue to embrace the identity message.

4. Collaboration applications will get in the identity game.

One of the areas that will suddenly find itself in the middle of the identity conversation will be collaboration applications -- by that we mean blogs, feedreaders, wikis, etc. The new "social networking" applications will start to seriously go after the identity game in 2006.

Grade: 1.

Reasoning: I could argue that this prediction should be graded higher in light of the blogosphere's adoption of identity protocols, but alas, my general sense is that collaboration applications (and those in the "web 2.0" world) are still largely seeing identity as somebody else's problem.

5. URL-based identity will gain some traction.

Yes, we're following the URL-based identity work. Yes, we think its important. Yes, we think it will accomplish some interoperability tests in 2006. Yes, we think it will gain some traction with the alpha geek community -- and stop just short of a critical mass. Watch for URL-based identity to create a deeper understanding of identity for a larger community.

Grade: 5.

Reasoning: OpenID, OSIS, Higgins, Cardspace, Sxip -- the list goes on and on. The work happening in the URL-based identity space is now not only driven by the smaller players, but the larger ones (like Verisign) as well. URL-based identity made an *awful* lot of progress in 2006, but didn't reach critical mass.

6. Identity comes to Search.

Call this one something that happens in an alpha state in 2006. Either Yahoo!, Microsoft or Google will either announce or release an early version of a search product that brings identity profiles to bear. Somebody get me Vint Cerf on the phone! ;-)

Grade: 1.

Reasoning: Another one that I *wished* would've happened, but didn't. While Yahoo!, Microsoft and Google all made some pushes into personalized search (close), no one truly launched identity-based search based on profiles (but no cigar).

7. Strong Auth is the story of the year.

The effects of the FFIEC guidelines haven't even begun to be felt -- 2006 will be the year of strong auth. We won't encounter the problems (yet), just the success. Be prepared to cut through the hype, and watch as the terms "layered authentication" become standard place among industry insiders.

Grade: 4.

Reasoning: While every day seemed to bring new horror stories of unauthorized access to sensitive data and the need for strong authentication, I'm stopping short of calling strong auth the story of the year. Is strong auth succeeding in the market? Yes. Is it the identity story of the year? More on that below.

8. "Risk Management" becomes the identity driver.

In conjunction with strong auth, we'll all come to see that "risk management" is the larger business driver behind the identity deployments in 2006. Watch the analysts as they bear this out - "risk management, risk management, risk management" -- it just sounds daunting ;-).

Grade: 1.

Reasoning: "Risk managment" began to get some play as the driver in identity circles -- especially as it relates to strong authentication. Still, at the end of the day, auditing and accountability, as driven by compliance initiatives landed at the top of the "driver" heap.

9. SAP comes to the party. Microsoft makes a splash with ADFS. The "big guys" concentrate on acquisition integration.

Okay, this is a three-parter (so that I don't go over the magic number of 10).

1) SAP comes to the party - and I mean through more than simple "partnership" announcements. Shall we start a pool on who they buy?

Grade: 3.

Reasoning: SAP bought Virsa -- a clear play in the identity-compliance space, but they didn't make the brand name acquisition I was expecting. Hence, the 3.

2) ADFS *accelerates* federation. Yes, we think SAML 2.0 will as well - but Microsoft can really flip the switch on federation by pushing ADFS out to their customers. WS-Federation is the fast-mover in 2006.

Grade: 3.

Reasoning: Federation *definitely* accelerated in 2006 -- maybe more so than any emerging category. But my sense of that acceleration is that while WS-Federation saw a large uptake, SAML still ruled the roost.

3) Translation: "Big Guys" - CA, Oracle, BMC, etc. "Integration" - "Our suite is better, more complete, faster, more efficient, cheaper, insert competitive differentiator, than theirs." On the side - watch Sun, RSA Security, and Novell - they won't really play this game, and may score some big wins because of it.

Grade: 5.

Reasoning: Have you spoken with a large identity suite vendor lately?

Average grade for #9: 3.6.

10. The Divide between User-centric and Enterprise Identity management is the number one conversation in 2006.

Its something we've identified and focused on for some time -- the two different conversations that are "user-centric" identity and "enterprise identity." The historical gap between these two areas is now being addressed by serious folks in the identity game -- and 2006 will see this be the most powerful conversation in the land.

Grade: 5.

Reasoning: I'd give us a "10" on this one if I could. User-centric identity dominated the discussion in nearly all identity circles in 2006.